Security News

Cybersecurity company Fortinet has confirmed that a critical security vulnerability in FortiManager devices has reportedly been actively exploited in the wild.  The critical vulnerability dubbed as CVE-2024-47575 (CVSS score: 9.8), also known as FortiJump, originates from the FortiGate to FortiManager (FGFM) protocol in FortiManager and FortiManager Cloud. “A missing authentication for critical function vulnerability [CWE-306] … Read more

Cybersecurity firm Fortra has discovered a new security flaw in a Windows driver that is causing the infamous BSOD (Blue Screen of Death) on fully updated Windows PCs. The vulnerability, tracked as CVE-2024-6768, is a denial of service (DoS) in the Common Log File System (CLFS.sys) driver of Microsoft Windows 10, Windows 11, Windows Server … Read more

Microsoft recently patched a zero-day Windows vulnerability that was being actively exploited by the infamous North Korean hacking group Lazarus. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), was patched as part of the company’s August 2024 Patch Tuesday updates. This flaw has been described as a privilege escalation bug within the Windows Ancillary Function Driver … Read more

The Federal Bureau of Investigation (FBI) on Tuesday warned that malicious cyber actors from North Korea are carrying out specialized, difficult-to-detect social engineering campaigns against cryptocurrency companies and their employees to deploy malware and steal company cryptocurrency. “North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the … Read more

Google has identified and patched a critical zero-day vulnerability in its Android operating system that is being exploited actively in the wild. The high-severity vulnerability tracked as CVE-2024-32896 (CVSS score: 7.8) is classified as a high-severity elevation of privilege (EoP) flaw in Pixel firmware. An elevation of privilege vulnerability occurs when a user or app … Read more

Fortinet, the third-largest cyber security firm in the world, confirmed on Thursday that they suffered a data breach after a hacker claimed unauthorized access to a third-party cloud-based file-sharing service used by the company, affecting a small number of its customers in the Asia-Pacific region. Fortinet, a company based in Sunnyvale, California, develops and sells … Read more